<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Booking First-Raiffeisen Response</title>
<script>
// Runs from the body's onload handler: submits the first form in the
// document (the hidden relay form) without any user interaction.
function onLoad() {
  var relayForm = document.forms[0];
  relayForm.submit();
}

</script>
</head>
<body onload="onLoad();">

<h1> success...</h1>


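<?php

/*
 * Gateway response handler: reads the fields posted back by the payment
 * gateway, verifies the gateway's signature over them and maps the
 * transaction code to a message. The variables set here are read by the
 * relay form further down the page.
 */

// Every value below is request-controlled and stays untrusted until the
// signature check has passed. Non-string values (e.g. array-shaped
// parameters) are replaced by "" so later string handling stays well-defined.
$postKeys = array(
	'MerchantID', 'TerminalID', 'TotalAmount', 'AltTotalAmount', 'Currency',
	'AltCurrency', 'PurchaseTime', 'OrderID', 'XID', 'ApprovalCode', 'Rrn',
	'ProxyPan', 'TranCode', 'locale', 'Signature', 'SD', 'Email', 'Delay',
);
$posted = array();
foreach ($postKeys as $postKey) {
	$posted[$postKey] = (isset($_POST[$postKey]) && is_string($_POST[$postKey])) ? $_POST[$postKey] : "";
}

$MerchantID = $posted['MerchantID'];                          //data from our Gateway
$TerminalID = $posted['TerminalID'];
$TotalAmount = $posted['TotalAmount'];
$AltTotalAmount = $posted['AltTotalAmount'];
$CurrencyID = $posted['Currency'];
$AltCurrencyID = $posted['AltCurrency'];
$PurchaseTime = $posted['PurchaseTime'];
$OrderID = $posted['OrderID'];
$XID = $posted['XID'];
$ApprovalCode = $posted['ApprovalCode'];
$Rrn = $posted['Rrn'];
$ProxyPan = $posted['ProxyPan'];
$TranCode = $posted['TranCode'];
$locale = $posted['locale'];
$signature = $posted['Signature'];
$SD = $posted['SD'];
$Email = $posted['Email'];      // not part of the signed string below, so never authenticated
$Delay = $posted['Delay'];

$errorCode = '';

// The gateway's public key is the trust anchor for the whole check. It was
// previously fetched over plain http:// on every request, which lets anyone
// on the network path substitute the key and makes the signature meaningless.
// It is now read from a file deployed next to this script.
// NOTE(review): presumably the same file the old URL served - confirm on
// deploy, and confirm a file named "test-server" is the intended production key.
$certFile = dirname(__FILE__) . "/test-server.cert";
$pub_key = is_readable($certFile) ? file_get_contents($certFile) : false;
if ($pub_key === false || $pub_key === "") exit("Certificate is missed:test-server.cert ");

$signature = base64_decode($signature);

// Rebuild the exact string the gateway signed; the layout differs when an
// alternative amount/currency is present.
if($AltTotalAmount)
{
	$data = "$MerchantID;$TerminalID;$PurchaseTime;$OrderID;$XID;$CurrencyID,$AltCurrencyID;$TotalAmount,$AltTotalAmount;;$TranCode;$ApprovalCode;";
}else{
	$data = "$MerchantID;$TerminalID;$PurchaseTime;$OrderID;$XID;$CurrencyID;$TotalAmount;;$TranCode;$ApprovalCode;";
}

// openssl_verify() returns 1 (valid), 0 (invalid) or -1 (error); only 1 is
// accepted. An unparsable key counts as a failed verification instead of
// being passed on to openssl_verify().
$verify_status = 0;
$crtid = openssl_get_publickey($pub_key);
if ($crtid !== false) {
	$verify_status = openssl_verify($data, $signature, $crtid);
	// openssl_free_key() is deprecated from PHP 8.0, where keys are freed automatically.
	if (PHP_VERSION_ID < 80000) {
		openssl_free_key($crtid);
	}
}

// Messages for the gateway's non-success transaction codes.
$tranCodeMessages = array(
	101 => 'Wrong expiration date.',
	105 => 'Transaction not allowed by the issuing bank.',
	108 => 'Lost or stolen card.',
	111 => 'Non-existent card.',
	116 => 'Shortage of funds.',
	130 => 'Allowed overexpenditure limit exceeded.',
	290 => 'Issuing bank unavailable.',
	291 => 'Technical or communication problem.',
	401 => 'Format error.',
	402 => 'Acquirer/Merchant parameters error.',
	403 => 'Connection with PS source (DS) error.',
	404 => 'Purchaser authentication error.',
	405 => 'Signature error.',
	406 => 'Not Acceptable Response.',
	407 => 'Proxy authentication required.',
	408 => 'The server timed out waiting for the request.',
	409 => 'The request was unsuccessful due to a conflict in the state of the resource.',
	410 => 'The resource requested is no longer available and will not be available again.',
	411 => 'The request did not specify the length of its content, which is required by the requested resource.',
	412 => 'The server does not meet one of the preconditions that the requester put on the request.',
	413 => 'The request is larger than the server is willing or able to process.',
	420 => ' Method Failure .',
	421 => 'The service is unavailable due to a connection problem.',
	430 => 'Not all objects expose an Automation interface.',
	431 => 'Delivery diverted. Not permitted without  transaction authentication scheme in 3 -D secure.',
	432 => 'Unassigned.',
	433 => 'Unassigned.',
	434 => 'Unassigned.',
	435 => 'Unassigned.',
	436 => 'Unassigned.',
	437 => 'Unassigned.',
	438 => 'Unassigned.',
	439 => 'Unassigned.',
	440 => 'Unassigned.',
	441 => 'This is an error emanating from your server indicating that the recipient’s server is not responding.',
	450 => 'Blocked By Windows Parental Controls.',
	501 => 'The server either does not recognise the request method, or it lacks the ability to fulfill the request.',
	502 => 'The Uniform Resource Locator (URL) does not use a recognized protocol.',
	503 => 'The Web server is currently unable to handle the HTTP request due to a temporary overloading or maintenance of the server.',
	504 => 'Gateway Timeout.',
	505 => 'HTTP Version Not Supported.',
	506 => 'Time of payment for <<Preauthorisation>> transaction is over.',
	507 => 'Payment for <<Preauthorisation>> transaction was made before.',
	508 => 'Wrong amount for payment, value is wrong or 20% more than the initial transaction.',
	509 => 'Unassigned.',
	510 => 'Not Extended.',
	511 => "Network Authentication Required\t.",
	601 => 'Unassigned.',
);

if ($verify_status == 1)
{
	// Strict comparison: only the literal "000" is success. A loose compare
	// would also accept other numeric spellings of zero.
	if ($TranCode !== "000")
	{
		if (isset($tranCodeMessages[$TranCode])) {
			$errorCode = $tranCodeMessages[$TranCode];
		} else {
			// A non-success code missing from the table must not reach the
			// next step with an empty error.
			$errorCode = 'Unknown transaction code.';
		}
	}
}else{
	$errorCode= "Signature is not valid.";
	// The outcome fields were not authenticated, so they are not forwarded:
	// an unverified request must not carry a success code downstream.
	$TranCode = "";
	$ApprovalCode = "";
}

// NOTE(review): the result is relayed through the browser as an unsigned form
// post, so the receiving handler cannot tell a verified result from a request
// sent to it directly. It should re-verify the signature itself or look up a
// server-side record of this verification before marking an order as paid.

?>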
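<?php
/*
 * Hidden relay form, auto-submitted by onLoad(). Every value is encoded with
 * htmlspecialchars() before it is written into an attribute: the fields come
 * from the request body and are emitted even when signature verification has
 * failed, so unencoded output would let request data break out of the
 * attribute and inject markup into this page. The (string) cast keeps the
 * call well-defined for non-string request values.
 *
 * NOTE(review): the action URL is plain http://, so the payment result
 * crosses the network unencrypted and can be altered in transit; switch to
 * https:// once the endpoint is confirmed to serve it.
 * NOTE(review): these fields travel through the browser and can be changed
 * before submission; the receiving handler must not treat TranCode or Error
 * as authoritative without its own server-side check.
 */
?>
<form id="raiffeisen" action="http://booking.first.al/handlerental" method="post" >
   <input name="OrderID" type="hidden" value="<?php echo htmlspecialchars((string) $OrderID, ENT_QUOTES, 'UTF-8'); ?>" />
   <input name="TotalAmount" type="hidden" value="<?php echo htmlspecialchars((string) $TotalAmount, ENT_QUOTES, 'UTF-8'); ?>" />
   <input name="PurchaseTime" type="hidden" value="<?php echo htmlspecialchars((string) $PurchaseTime, ENT_QUOTES, 'UTF-8'); ?>" />
   <input name="TranCode" type="hidden" value="<?php echo htmlspecialchars((string) $TranCode, ENT_QUOTES, 'UTF-8'); ?>" />
   <input name="ApprovalCode" type="hidden" value="<?php echo htmlspecialchars((string) $ApprovalCode, ENT_QUOTES, 'UTF-8'); ?>" />
   <input name="Email" type="hidden" value="<?php echo htmlspecialchars((string) $Email, ENT_QUOTES, 'UTF-8'); ?>" />
   <input name="Error" type="hidden" value="<?php echo htmlspecialchars((string) $errorCode, ENT_QUOTES, 'UTF-8'); ?>" />
   <input name="Page" type="hidden" value="<?php echo 'Success'; ?>" />
   <input name="bank" type="hidden" value="bank" />

</form>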
</body> 
</html>
